Rsyslog is an open-source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol, extends it with content-based filtering, rich filtering capabilities and flexible configuration options, and adds features such as using TCP for transport.

The official RSYSLOG website defines the utility as "the rocket-fast system for log processing".[1]

Rsyslog uses the quasi-standard BSD syslog protocol, specified in RFC 3164. As the text of RFC 3164 is an informational description and not a standard, various incompatible extensions of it emerged. Rsyslog supports many of these extensions. The format of relayed messages can be customized.
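The following added example (not from the article or from the rsyslog code base) parses the RFC 3164 layout `<PRI>TIMESTAMP HOSTNAME TAG: CONTENT` and flags lines that deviate from it, which is what a collector faces when senders use incompatible extensions. The function name `parse_rfc3164` and the sample lines are constructed for illustration.

```python
import re

# RFC 3164 layout: <PRI>TIMESTAMP HOSTNAME TAG: CONTENT
# PRI = facility * 8 + severity; TIMESTAMP is "Mmm dd hh:mm:ss" (no year, no zone).
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")
HEADER_RE = re.compile(
    r"^(?P<timestamp>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (?P<hostname>\S+) "
)
# The RFC limits TAG to 32 alphanumerics; "_./-" are tolerated here (assumption).
TAG_RE = re.compile(r"^(?P<tag>[A-Za-z0-9_./-]{1,32})(?:\[(?P<pid>\d+)\])?: ?")

# Constructed sample input: conformant, ISO 8601 timestamp extension, bad PRI.
SAMPLES = [
    "<38>Mar  3 09:15:02 web01 sshd[4121]: Failed password for invalid user admin",
    "<13>2024-03-03T09:15:02+00:00 web01 app: started",
    "<999>no valid priority here",
]


def parse_rfc3164(line: str) -> dict:
    """Parse one BSD-syslog line; never raise on malformed input."""
    rec = {"facility": None, "severity": None, "timestamp": None,
           "hostname": None, "tag": None, "pid": None, "conformant": True}
    m = PRI_RE.match(line)
    if m and int(m.group(1)) <= 191:      # facilities 0-23: 23 * 8 + 7 = 191
        pri = int(m.group(1))
        rec["facility"], rec["severity"] = pri >> 3, SEVERITIES[pri & 7]
        line = line[m.end():]
    else:
        rec["conformant"] = False         # missing or out-of-range PRI
    m = HEADER_RE.match(line)
    if m:
        rec.update(m.groupdict())         # sender-claimed values, not verified
        line = line[m.end():]
        t = TAG_RE.match(line)            # only look for TAG after a valid header
        if t:
            rec["tag"], rec["pid"] = t.group("tag"), t.group("pid")
            line = line[t.end():]
    else:
        rec["conformant"] = False         # keep the rest intact as the message
    rec["message"] = line
    return rec


if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_rfc3164(sample))
```

The timestamp and hostname come from the sender and are not authenticated by the protocol, so a collector should record the peer address separately rather than rely on the parsed `hostname`.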

The most important extensions of the original protocol supported by rsyslog are:

The rsyslog project began in 2004, when Rainer Gerhards, the primary author of rsyslog, decided to write a new strong syslog daemon to compete with syslog-ng, because, according to the author, "A new major player will prevent monocultures and provide a rich freedom of choice."[2] Rainer Gerhards worked on rsyslog inside his own company, Adiscon GmbH.

rsyslog is available for a number of Unix systems and Linux distributions, among others:[3]

Fedora: In November 2007, rsyslog became the default syslogd for the Fedora project. Fedora was the first major distribution to adopt this software; however, since Fedora 20 "Heisenbug" (released on December 17, 2013), the default syslog has been replaced by journald.